WHAP: Web-hacking profiling using Case-Based Reasoning

Mee Lan Han, Hee Chan Han, Ah Reum Kang, Byung Il Kwak, Aziz Mohaisen, Huy Kang Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

As in the real world's criminal investigation, cyber criminal profiling is important to attribute cyber attacks. Every cyber crime committed by the same hacker or hacking group has unique characteristics such as attack purpose, attack methods, and target's profile. Therefore, a complete analysis of the hacker's activities can give investigators hard evidence to attribute attacks and unveil criminals. In this paper, we implemented WHAP, a profiling system that uses Case-Based Reasoning (CBR). We verified WHAP's usefulness by analyzing large scale of web defacement cases including North Korean hacker's attacks against South Korea, and unveiling a relationship between those attacks and another set of attacks against Sony Pictures Entertainment.

Original languageEnglish
Title of host publication2016 IEEE Conference on Communications and Network Security, CNS 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages344-345
Number of pages2
ISBN (Electronic)9781509030651
DOIs
Publication statusPublished - 2017 Feb 21
Event2016 IEEE Conference on Communications and Network Security, CNS 2016 - Philadelphia, United States
Duration: 2016 Oct 172016 Oct 19

Other

Other2016 IEEE Conference on Communications and Network Security, CNS 2016
CountryUnited States
CityPhiladelphia
Period16/10/1716/10/19

Fingerprint

Case based reasoning
Crime

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Han, M. L., Han, H. C., Kang, A. R., Kwak, B. I., Mohaisen, A., & Kim, H. K. (2017). WHAP: Web-hacking profiling using Case-Based Reasoning. In 2016 IEEE Conference on Communications and Network Security, CNS 2016 (pp. 344-345). [7860503] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CNS.2016.7860503

WHAP : Web-hacking profiling using Case-Based Reasoning. / Han, Mee Lan; Han, Hee Chan; Kang, Ah Reum; Kwak, Byung Il; Mohaisen, Aziz; Kim, Huy Kang.

2016 IEEE Conference on Communications and Network Security, CNS 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 344-345 7860503.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Han, ML, Han, HC, Kang, AR, Kwak, BI, Mohaisen, A & Kim, HK 2017, WHAP: Web-hacking profiling using Case-Based Reasoning. in 2016 IEEE Conference on Communications and Network Security, CNS 2016., 7860503, Institute of Electrical and Electronics Engineers Inc., pp. 344-345, 2016 IEEE Conference on Communications and Network Security, CNS 2016, Philadelphia, United States, 16/10/17. https://doi.org/10.1109/CNS.2016.7860503
Han ML, Han HC, Kang AR, Kwak BI, Mohaisen A, Kim HK. WHAP: Web-hacking profiling using Case-Based Reasoning. In 2016 IEEE Conference on Communications and Network Security, CNS 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 344-345. 7860503 https://doi.org/10.1109/CNS.2016.7860503
Han, Mee Lan ; Han, Hee Chan ; Kang, Ah Reum ; Kwak, Byung Il ; Mohaisen, Aziz ; Kim, Huy Kang. / WHAP : Web-hacking profiling using Case-Based Reasoning. 2016 IEEE Conference on Communications and Network Security, CNS 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 344-345
@inproceedings{3f8f4dd129764d4d88486cb710c10769,
title = "WHAP: Web-hacking profiling using Case-Based Reasoning",
abstract = "As in the real world's criminal investigation, cyber criminal profiling is important to attribute cyber attacks. Every cyber crime committed by the same hacker or hacking group has unique characteristics such as attack purpose, attack methods, and target's profile. Therefore, a complete analysis of the hacker's activities can give investigators hard evidence to attribute attacks and unveil criminals. In this paper, we implemented WHAP, a profiling system that uses Case-Based Reasoning (CBR). We verified WHAP's usefulness by analyzing large scale of web defacement cases including North Korean hacker's attacks against South Korea, and unveiling a relationship between those attacks and another set of attacks against Sony Pictures Entertainment.",
author = "Han, {Mee Lan} and Han, {Hee Chan} and Kang, {Ah Reum} and Kwak, {Byung Il} and Aziz Mohaisen and Kim, {Huy Kang}",
year = "2017",
month = "2",
day = "21",
doi = "10.1109/CNS.2016.7860503",
language = "English",
pages = "344--345",
booktitle = "2016 IEEE Conference on Communications and Network Security, CNS 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - WHAP

T2 - Web-hacking profiling using Case-Based Reasoning

AU - Han, Mee Lan

AU - Han, Hee Chan

AU - Kang, Ah Reum

AU - Kwak, Byung Il

AU - Mohaisen, Aziz

AU - Kim, Huy Kang

PY - 2017/2/21

Y1 - 2017/2/21

N2 - As in the real world's criminal investigation, cyber criminal profiling is important to attribute cyber attacks. Every cyber crime committed by the same hacker or hacking group has unique characteristics such as attack purpose, attack methods, and target's profile. Therefore, a complete analysis of the hacker's activities can give investigators hard evidence to attribute attacks and unveil criminals. In this paper, we implemented WHAP, a profiling system that uses Case-Based Reasoning (CBR). We verified WHAP's usefulness by analyzing large scale of web defacement cases including North Korean hacker's attacks against South Korea, and unveiling a relationship between those attacks and another set of attacks against Sony Pictures Entertainment.

AB - As in the real world's criminal investigation, cyber criminal profiling is important to attribute cyber attacks. Every cyber crime committed by the same hacker or hacking group has unique characteristics such as attack purpose, attack methods, and target's profile. Therefore, a complete analysis of the hacker's activities can give investigators hard evidence to attribute attacks and unveil criminals. In this paper, we implemented WHAP, a profiling system that uses Case-Based Reasoning (CBR). We verified WHAP's usefulness by analyzing large scale of web defacement cases including North Korean hacker's attacks against South Korea, and unveiling a relationship between those attacks and another set of attacks against Sony Pictures Entertainment.

UR - http://www.scopus.com/inward/record.url?scp=85015988497&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85015988497&partnerID=8YFLogxK

U2 - 10.1109/CNS.2016.7860503

DO - 10.1109/CNS.2016.7860503

M3 - Conference contribution

AN - SCOPUS:85015988497

SP - 344

EP - 345

BT - 2016 IEEE Conference on Communications and Network Security, CNS 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -